Another Day, Another Databreach - Australian Healthcare Provider Victim to Large-Scale Ransomware Attack - Medisecure

geekcohen on 16/05/2024 - 13:49
Last edited 16/05/2024 - 14:58 by 1 other user

'Large-scale' data breach on Australian health information company
Australian healthcare provider victim to large-scale ransomware attack

Here we go again!

An Australian health information provider has fallen victim to a "large scale" data breach, sparking a national approach from the federal government.

The National Cyber Security Coordinator said it was informed by the company of the incident yesterday, but did not name the company that fell victim to the ransomware.

"Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident," Cyber Security Coordinator Lieutenant-General Michelle McGuinness said in a statement.

Not named who it is yet. Believed to be Ramsay Health Services. False, this was named in the News.com.au comments. Believed to be https://www.medisecure.com.au/

Cyber security incident/data breach

MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems.

While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors.

MediSecure takes its legal and ethical obligations seriously and appreciate this information will be of concern. MediSecure is actively assisting the Australian Digital Health Agency and the National Cyber Security Coordinator to manage the impacts of the incident. MediSecure has also notified the Office of the Australian Information Commissioner and other key regulators.

MediSecure understands the importance of transparency and will provide further updates via our website as soon as more information becomes available. We appreciate your patience and understanding during this time.

16 May 2024

Internet Data Breach

Related Stores

medisecure.com.au
medisecure.com.au

Comments

  • freefall101 on 16/05/2024 - 13:54
    +1

    They've kicked off the National Coordination Mechanism, to bring all levels of government and industry in. Same thing happened with the 10 million users with medibank.

    So at least we know it's likely to be a horrible one.

  • Sye on 16/05/2024 - 13:54
    +14

    It has been 1̶ 0 days since a Data Breach.

    • moar bargains on 17/05/2024 - 10:57
      +2

      We need to start counting in minutes not days

  • pharkurnell on 16/05/2024 - 14:39
    +1

    what a shock

    its been named in the comments on news.com.au who it is

  • freefall101 on 16/05/2024 - 14:57
    +3

    https://www.medisecure.com.au/ - up on their homepage.

    • Baysew on 16/05/2024 - 15:05
      +7

      Company name doesn't check out.

      • bamzero on 16/05/2024 - 20:08

        The medi is secure, your data is not.

    • HairyChickens on 16/05/2024 - 15:39
      +2

      Ironic

  • Dollar General on 16/05/2024 - 15:37
    +1

    I hope the hackers don’t try to blackmail me and release details about my Medicare funded penis reduction

    • freefall101 on 16/05/2024 - 18:07

      What's the bet the government pays the ransom so we don't find out which of them are taking which meds?

      Although as the oldest and slightly unhingest member, I imagine Bob Katter would top the list and I'm not sure the government cares about protecting him.

  • djones145 on 16/05/2024 - 16:23

    so many data breaches
    easier just to name companies that havent had one ( kinda a hit list for hackers)

  • Clear on 16/05/2024 - 16:25

    Medisecure is one of the two eScript exchange delivery services with the other being eRx. Last year the government announced that eRx would become the preferred provider for eScript delivery and practices had until the 30th of September to changeover otherwise they'd have to pay per eScript dispensed on Medisecure.

    So the good news is that nearly all providers would have been using eRx so any information Medisecure stored likely is not up to date.

    Interestingly Medisecure had major infrastructure upgrades just before the announcement that they'd lost the bid to eRx. Seems with their main source of income gone there wasn't any money available to keep infrastructure up to date.

    • brandt on 16/05/2024 - 16:29

      Who are Medisecure clients? If its doctors, surgeries, pharmacies and hospitals it will be a shit show to get to the end users who will be distributed across this network. So I could be impacted but if the medical center I used years ago doesnt have my current contact details my details might have been stolen without me ever knowing.

      • Clear on 16/05/2024 - 16:55
        +1

        Best way to check if your GP was using Medisecure previously (short of asking them) is checking your SMS history for anything from Medisecure. An escript dispensed through Medisecure would have the url starting with https://ausscripts.medisecure.com.au

        • ThithLord on 17/05/2024 - 09:12

          Phew - mine are all ausscripts.erx

        • brandt on 17/05/2024 - 09:20

          Lol yep, One of the doctors I used 2 years ago used Medisecure.. now to figure out which one since the link has long expired.

    • Montyjpm on 17/05/2024 - 09:12
      -1

      "money available to keep infrastructure up to date." - everyone in CEH knows that human is the weakest link for hacking and all the money in the world will not stop people using FaceGram.

  • Gdsamp on 16/05/2024 - 17:43
    +1

    Business as usual in this country….

  • try2bhelpful on 16/05/2024 - 18:11
    -3

    If it is just what medication I’m on I don’t give a rats who knows.

    • Cat woman on 17/05/2024 - 02:29

      What meds are you on?

      • try2bhelpful on 17/05/2024 - 02:44

        Usual old people stuff.

        • Cat woman on 17/05/2024 - 03:03

          I apologise, that was rude of me to ask. Take care :)

          • try2bhelpful on 17/05/2024 - 11:25
            -1

            @Cat woman: Statins. And I don’t see how that gets them anything. If it is something they can monetise that is more of an issue.

  • Sinnerator on 17/05/2024 - 09:14
    -3

    A formal statement from a Medisecure spokesperson included:
    "To all our customers, the general public and the Australian Government we offer a big go (profanity) yourselves. We don't care about data security or privacy and there is nothing you can do about it".

  • Store Rep[Deactivated] @ CPK Web Services on 20/05/2024 - 02:06
    +1

    Looks like they were using a mix of both Google cloud services and Microsoft Azure.
    Both of which are self managed by default so unless they were using a partner to manage their environment then their isn't any third party to blame as neither cloud provider takes responsibility for data.
    You need to know what your doing when using cloud providers.

Login or Join to leave a comment
Login Join